网站建设资讯

NEWS

网站建设资讯

Oraclestartupinrestrictedmode

关于OCP的小知识点,实例受限启动,实例启动的知识点很多,也是OCP学习的重点,需要多看官方文档和多做测试。
Restricting Access to an Instance at Startup 
--实例启动限制

You can start an instance, and optionally mount and open a database, in restricted mode so that the instance is available only to administrative personnel (not general database users).
Use this mode of instance startup when you must accomplish one of the following tasks:
--实例启动限制模式适用的场景,一定是我们不希望其他连接访问数据,对数据库数据进行改动,数据备份,loader,临时阻止已经升级迁移会常常使用到。

•Perform an export or import of data
•Perform a data load (with SQL*Loader)
•Temporarily prevent typical users from using data
•Perform certain migration or upgrade operations

Typically, all users with the CREATE SESSION system privilege can connect to an open database. Opening a database in restricted mode allows database access only to users with both the CREATE SESSION and RESTRICTED SESSION system privilege. Only database administrators should have the RESTRICTED SESSION system privilege. Further, when the instance is in restricted mode, a database administrator cannot access the instance remotely through an Oracle Net listener, but can only access the instance locally from the system that the instance is running on. 

The following command starts an instance (and mounts and opens the database) in restricted mode:

小实验:
[root@11g-ocp ~]# su - oracle
<11g-ocp:orcl:/home/oracle>$sqlplus / as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 12 18:12:11 2018

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Automatic Storage Management, OLAP and Real Application Testing options

SQL> startup restrict force 
ORACLE instance started.
--限制模式启动

Total System Global Area 1870647296 bytes
Fixed Size                  2254304 bytes
Variable Size             503319072 bytes
Database Buffers         1358954496 bytes
Redo Buffers                6119424 bytes
Database mounted.
Database opened.
SQL> drop user roidba;
--删除测试用户

User dropped.

SQL> create user roidba identified by roidba;
--创建测试用户

User created.

SQL> grant connect,resource to roidba;
--授权访问

Grant succeeded.

SQL> conn roidba/roidba;
ERROR:
ORA-01035: ORACLE only available to users with RESTRICTED SESSION privilege
--登陆报错,缺少系统权限restricted session 

Warning: You are no longer connected to ORACLE.
SQL> conn / as sysdba
Connected.
SQL> grant restricted session to roidba;

Grant succeeded.
--授予系统权限restricted session 

SQL> conn roidba/roidba
Connected.
--使用roidba连接数据库,成功

SQL> conn / as sysdba
Connected.
SQL> revoke restricted session from roidba;
--收回权限

Revoke succeeded.

SQL> alter system disable restricted session;
--取消限制

System altered.

SQL> conn roidba/roidba;
--收回权限和取消限制抵消,可以继续登陆
Connected.
SQL> 

这些都是OCP的小知识点,大家有时间多做测试。一定要多动手,多看文档,多思考。

网站栏目:Oraclestartupinrestrictedmode
文章分享:http://cdweb.net/article/ghehdh.html